Privacy Policy for Qovex Users
Date: 6 December 2024
This Privacy Policy (“Policy”) outlines how Qovex Companies (“Qovex” or “we”) are collecting, using, disclosing, or otherwise processing your Personal Data and what kind of rights you have and how you can exercise them. The Policy supplements the Terms of Use of the Qovex Company where you have opened your Account.
You are required to acknowledge and accept this Policy during the registration process. This will not be considered as consent for certain purposes of processing, which will be obtained independently.
This Policy does not apply to websites, applications or services that are not linked to this Policy or to those operated by third parties. Qovex is not responsible for and shall have no liability whatsoever in connection with such third party’s processing of your information. We encourage you to review the privacy policies posted on those websites, applications, and services.
This Policy is supplemented by:
- Appendix A: which defines additional terms for California residents; and
- Appendix B: which defines additional terms in accordance with Gramm- Leach- Bliley Act
- Appendix C: which defines terms which are written with capital letter but not explained in main body of the Policy.
Does this Policy apply to you?
If you started registration for use of our products and services (created Account) and you are using them, this Policy is applicable to you, regardless of if you are:
- Individual user (“Individual Users”)
- Individual whose Personal Data is processed within the scope of activity of legal entity (e.g. authorized representatives, ultimate beneficial owners) (“Corporate Users”).
Term “User” refers to both Corporate Users and Individual Users.
In certain cases, this Policy is related also to those who browse through the website (e.g. information with regards to the use of Cookies) or their personal data is otherwise processed.
Qovex Companies, Contact Information and Data Protection Officer(s)
Within the settings of your Account, you can check on which Qovex Company you are onboarded, and this company is considered as a Controller of your Personal Data, responsible for processing in compliance with applicable Personal Data Laws.
If you have any questions with regards to this Policy or processing of your Personal Data, we advise you to contact us using the contact information below or raise them through the support ticket in your Account.
Qovex Company (“Controllers”) | Contact Information |
Qovex Europe S.A., Luxembourg | UK: USA: Luxembourg: |
Qovex Ltd, | |
Qovex Global Ltd, British Virgin Islands | |
Qovex US Inc, United States | |
Qovex UK Ltd., | |
Qovex Financial Services d.o.o. |
We have appointed a Data Protection Officer (“DPO”)- you can also contact the DPO in case of any question in relation to this Policy or any other inquiries with regards to processing of your Personal Data via the email [email protected].
How we collect and process your Personal Data?
Qovex collects Personal Data:
Directly from you: for example, during the registration and onboarding, or when executing transactions or using our services, and when you communicate with us; and
By automatic collection, when you are using our services and it relates to certain computer, device, or browser information (e.g., IP address, device information); and
From third party sources (e.g. reputational, financial information and business activities of our Corporate Users).
You can find details about which Personal Data is processed and for which purpose and what is our legal basis for processing your Personal Data in this section.
We might modify this section when required, to ensure transparency or compliance with applicable legal and technical changes.
Registration of Individual Users | ||
You need to create an Account prior to using the services provided by Qovex, which includes:
If you are younger than 18 years or reside in countries where we do not offer services, you will not be able to register. While this is automated decision making, objection is not possible since this is a condition for usage of our services. | ||
Personal Data |
|
|
Legal Basis | Contract/negotiation to conclude a contract | |
Onboarding and verification | ||
Anti-money laundering and counter-terrorist financing legislation (“AML”) requires us to perform Customer Due Diligence prior to establishing a business relationship you. For this purpose:
Similar AML requirements exist for individuals acting on behalf of Corporate Users (directors, ultimate beneficial owners, authorized representatives etc.). | ||
Personal Data |
|
|
Scope of the Personal Data depends on the nature of individual and AML requirements for specific entity and risk factors. | ||
Legal Basis | Compliance with legal obligation | |
Account Management & Updates | ||
We will process certain Personal Data for the purpose of providing you with certain functionalities of your Account within the scope of provision of our services, including, but not limited to:
For certain actions we might also require you to identify yourself, to prevent unauthorized access. | ||
Personal Data |
|
|
(*) Scope of Personal Data might depend on the operations you wish to conduct | ||
Legal Basis | Contract (enabling functionalities of your account) | |
Transaction Management | ||
You can conduct various transactions through your Account, including:
Performing transactions require processing of certain Personal Data, otherwise the transaction cannot be conducted. In the event our services is accessed by you via our partner (e.g. Qovex as a Service), we may share with such partner additional information related to your request, as may be required to perform the service within the scope of the agreement between us and such partner. | ||
Personal Data |
|
|
Scope of information depends on the type of payment method you select. (*) if you decide to deposit amounts / purchase crypto with credit card payment, the information is substituted by token, designated to keep your data secure. This information will not be stored by Qovex, but by our card payment service provider. (**) This information is shared with our partner through which you utilize our services. | ||
Legal Basis | Contract (enabling functionalities of your account) | |
Transaction & Account Monitoring | ||
AML requires us to conduct ongoing due diligence, including the scrutiny of your transactions, for example, to ensure consistency with the information you have provided us with during onboarding/verification. For these purposes, we:
In addition to the above, we may require additional information or an explanation from you to comply with AML requirements. | ||
Personal Data |
|
|
Scope of Personal Data collected or processed for this purpose depends on your activity, applicable AML requirements and other factors. | ||
Legal Basis | Compliance with legal obligation | |
Transaction & Price Alerts/Notifications | ||
If you choose to receive transaction & price alerts or notifications about:
You give us consent to inform you about the requested information through SMS or email communication (based on your preferences). You can change your consent settings or price information at any time. | ||
Personal Data |
|
|
Scope of Personal Data depends on the type of communication you choose and scope of notification you require. | ||
Legal Basis | Consent | |
Complaints & Customer Support | ||
At any time, you can initiate communication with us through any appropriate means of communication (email, support tickets, social media etc.) and we will process relevant Personal Data, the scope of which depends on your request, including for potential preparation of any documents requested by you. For certain actions we might also require you to identify yourself to prevent unauthorized access. | ||
Personal Data |
| |
Scope of Personal Data depends on the content of the complaint or required customer support. | ||
Legal Basis | Contract or Legal Obligation | |
Know Your Customer (“KYC”) Reliance | ||
If you plan to use a certain Qovex Product or Service, it might be required that we share or receive your Personal Data with Qovex third-party providers of services (e.g. lending) or partners via which you access services provided by us. Such sharing will be made solely for the purposes of due diligence within the scope of AML requirements for the use of such a product or service. In the event you plan to conduct trading with derivates, Qovex Company to which you are onboarded (registered) will share required Personal Data with Qovex Financial Services d.o.o., which will provide you with the option of trading with derivates. You will be notified about any such sharing before you start to use the relevant Qovex Product or Service in the applicable Terms of Use and will also receive a reference to that counterparty privacy notice, explaining how the counterparty will process your Personal Data as an independent Controller. | ||
Personal Data |
|
|
Scope of Personal Data depends on the nature of individual and AML requirements for specific entity and risk factors. | ||
Legal Basis | Contract (enabling you use relevant products) | |
Qovex Connect & API Keys | ||
If you decide to use Qovex Connect, you will need to provide your consent to share your Personal Data with integrator of your choice. On the consent form, you will receive information about types of Personal Data which will be shared, and the functionalities the integration will enable you to use, as well as a link to the Privacy Notice of the Integrator that will process your Personal Data as an independent Controller. The consent and integration will be valid for 180 days, after which you will have to re-consent. You can terminate the integration or withdraw your consent at any time. If you choose to connect API Keys with your Account, Qovex does not have any information on which data you share and who is the recipient. Doing so is your responsibility. The responsibility of the recipient of this information is to comply with applicable Data Protection Laws. When you decide to share your Personal Data with third parties we are not responsible and liable for any processing of Personal Data on their behalf or any actions performed on that third party site. | ||
Personal Data |
|
|
| Scope of information depends on the integrator. You will be informed prior submitting your consent/agreeing sharing your data. | |
Legal Basis | Consent | |
Direct Marketing Communication (Email and Push Notifications) | ||
We have a legitimate interest to promote our company, products, services or share other relevant information about us. For this purpose we will send you emails or share pop-up messages (which may be shown only when you are signed to your Account) with news, updates, promotions, market trends, or information about our new products and services. The processing will involve segmentation and analytics of whether you have seen/opened or acted on our direct marketing communication.
In some cases we might send you direct marketing communications based on explicit consent you provide to us:
Not all communication from us is direct marketing communication. This means communications may be for other purposes and can be conducted based on another legal basis. This means you will receive the communication regardless of whether you objected to the processing, or we don’t have valid consent. | ||
Personal Data |
|
|
Scope of Personal Data we will process depends on the type and scope of communication and legal basis used for processing of your Personal Data. | ||
Legal Basis | Legitimate Interest or Consent | |
Internal Analytics | ||
We are constantly trying to improve our products and services and for this purpose we are processing certain Personal Data. Whenever possible the analysis is prepared based on pseudomized data to ensure your privacy is respected. | ||
Personal Data |
|
|
Scope of Personal Data we will process depends on the type and scope of communication and legal basis used for processing of your Personal Data. | ||
Legal Basis | Legitimate Interest or Consent | |
Control Operations | |
We may process your Personal Data for the purpose of prevention of fraud and financial crime, which includes development and improving of our anti-fraud systems, preventing, detecting, investigating, and prosecuting security threats, fraud, financial crimes, misconduct or other illegal or malicious activity and meeting our legal responsibilities | |
Personal Data | No additional data is collected. The scope of processing depends on the applicable requirements. |
Legal Basis | Legitimate Interest or Legal Obligation |
Ensuring & maintaining security | ||
We are constantly trying to implement state-of-art security measures for the protection of our systems, your Personal Data and any assets you might have stored for us. For this purpose, we are required to process certain Personal Data, which is limited to what is required. | ||
Personal Data |
|
|
Legal Basis | Legitimate Interest to protect the information and assets | |
Reporting to authorities | ||
We are subject to various legal obligations to report to the relevant authority’s information required within the scope of ongoing/periodical reporting or ad hoc requests received by such authorities. The scope of Personal Data depends on the requested information by the authority. | ||
Personal Data |
|
|
Scope of Information depends on the authority’s request | ||
Legal Basis | Compliance with Legal Obligation Legitimate Interest, in case the request is not mandatory but we decide to share the information regardless upon proper evaluation of the information. | |
Reporting to trade repositories | ||
Under the European Market Infrastructure Regulation (EMIR), EU counterparties are required to report details of any derivative contract they have concluded, modified or terminated. To ensure all derivate contracts that are subject to EMIR reporting obligation are properly reported, Qovex Financial Services d.o.o. will:
| ||
Personal Data |
|
|
Legal Basis | Legitimate Interest | |
Pursuing, defending or assisting in any claims, litigation or other proceedings | ||
In certain cases Qovex may be required to process your Personal Data for the purposes of pursuing, defending or assisting in any claim, litigation or other proceedings related to you and such data might be disclosed to external lawyers, courts or other administrative bodies. | ||
Personal Data |
|
|
Scope of Information depends on the type of claim, litigation or other proceeding and your role in relation to this. | ||
Legal Basis | Legitimate interest to pursue, define or assist in claims, litigation or other proceedings | |
Internal & External Audit | ||
Qovex Companies are subject to legal requirements to appoint internal and/or external auditors in relation to various aspects of our compliance with applicable legislation. Auditors may request certain information which may identify you for the purposes of specific audit scope. | ||
Personal Data |
|
|
Scope of Information depends on the type of claim, litigation or other proceeding and your role in relation to this. | ||
Legal Basis | Compliance with Legal Obligation. | |
Corporate Governance | ||
In the fast-paced environment we are adjusting strategies based on regulatory and business requirements and processing of your Personal Data might be considered within this scope in the following cases:
| ||
Personal Data |
| · |
Scope of Information depends on the type of claim, litigation or other proceeding and your role in relation to this. | ||
Legal Basis | Legitimate Interest | |
Cookies
We use cookies and other tracking technologies to ensure the website and apps are working smoothly to provide you with the functionalities you need, and we also use other cookies, which are not necessary for this (e.g. analytical, social media and marketing). You can read more about cookies, consents and how to control your cookie settings in our Cookie Policy.
To whom we may disclose your Personal Data
Qovex will never sell your Personal Data, however Qovex may disclose your Personal Data in circumstances defined below.
Processors of Personal Data
We might disclose your Personal Data to third parties (including intragroup entities), where such third parties are performing services on our behalf, which includes:
Cloud Service Providers, where we store your Personal Data,
IT service and maintenance providers,
Companies performing background checks and verification providers,
Third parties providing customer care and support services and other customer facing services, which involve processing of Personal Data,
Internal and external auditors, who may request some limited amount of Personal Data,
Any other service providers, which may need access to your Personal Data for the performance of their service.
To ensure proper safeguarding of your Personal Data, we conduct prior and ongoing due diligence checks of all such third parties, and sign relevant contracts, to ensure third parties implement appropriate technical and organizational measures for protection of your Personal Data, and your Personal Data is used only for the purposes defined in this Policy and in accordance with applicable Personal Data Laws.
Based on your consent
In some cases disclosure of your Personal Data to third parties is based on your explicit consent, which you can always revoke. Such disclosure is made in case of:
Qovex Connect use (when you consent for sharing your Personal Data to third party platforms for various purposes).
API Keys: in case you implement API Key to your account, certain Personal Data might be disclosed to third parties.
All such Personal Data is processed by those third parties in accordance with their Privacy Policy.
Based on the contract
In case you wish to use certain Qovex Services, we need to share your Personal Data with the provider of such a service (e.g., Lending). Prior to any sharing of your Personal Data, you will be informed about this and can decide not to use the service if you don’t want to share your Personal Data.
Banks & other financial institutions
When you conduct transactions (bank deposits/withdrawals, payments with credit cards or other payments), banks may require us to submit Personal Data about the person involved in transaction. To fulfill the contract to provide you the Services or based on legal obligation (as authorized under Section 314(b) of the US Patriot Act and/or any other applicable regulation, and with tax authorities, including the US Internal Revenue Service, pursuant to the Foreign Account Tax Compliance Act (“FATCA”), to the extent that this statute may be determined to apply to Qovex), your Personal Data may be shared with the banks, upon their request.
Legal Authorities
We may receive the requests from law enforcement, data protection authorities, government officials and other authorities (“Legal Authorities”) when:
Compelled by a court order or other legally binding order.
Disclosure is necessary to report suspected illegal activity.
Disclosure is necessary to investigate or report breach of this Notice or our Terms of Use; or
Disclosure is carried out based on legitimate interest, to comply with non-binding requests from Legal Authorities, protecting the interests of Qovex, and which do not override your rights and freedoms or is otherwise permitted based on Personal Data Law.
Will your Personal Data be transferred to third countries?
We store your Personal Data primarily in the European Union; however, some storage locations or processing might also be conducted in third countries, located outside of European Union, which do not benefit from adequacy decision issued by the European Commission.
In such cases, where the transfer takes place, we will ensure sufficient safeguards for the protection of Personal Data are adopted, by concluding Standard Contractual Clauses, adoption of binding corporate rules or approved code of conduct. We might also apply the derogations and transfer Personal Data based on your consent (e.g. in case where you consent to use Qovex Connect) or the transfer is necessary for the performance of the contract (e.g. when we need to share the information with counterparty cryptoasset service provider when conducting the transfer of crypto to another crypto exchange). In case of applicability of UK Data Protection Laws, we will conclude international data transfer agreement (“IDTA”) or addendum to European Union Standard contractual clauses, whatever will be applicable for certain cooperation.
How can you exercise your Personal Data Rights?
You can request exercise of Personal Data Rights, by:
Submitting your request through your Qovex Account- Contact Support, in Settings.
Sending your request by email to [email protected] or by using contact information above.
We will comply with your request in the shortest time possible, but no longer than one month. In certain cases, we might extend this period, but we will notify you about such prolongation prior to the expiry of one month, informing you about the reasons for the delay.
In case Personal Data Rights are requested through email communication, we reserve the right to verify your identity to prevent unauthorized access to third parties, who might request such rights on your behalf.
Right | Scope |
Right of access | You can request confirmation of whether we process your Personal Data, a copy of your Personal Data and obtain information about how we process your Personal Data. You can read about this in this Policy or ask specific questions. In case disclosure of information would reveal Personal Data of another individual, we may reject your request. |
Right to correct/rectify | You can request correction/modification of incorrect or incomplete information. We might still store your previous information for complying with applicable legislation. |
Right to erasure/be forgotten | You can request deletion of your Personal Data, if it is no longer needed for the purposes for which it was collected/processed, you withdraw consent and there is no additional legal ground for processing, if there are no legitimate interests, the Personal Data is unlawfully processed or the erasure is required to comply with applicable legislation. We will not delete/erase your data, if we need to process it to comply with applicable laws, or this is needed for the purpose of establishment, exercise, or defense of legal claims. In addition, we might also not be able to fulfil your request if you still plan to use our services and plan to keep your account. |
Right to restrict the processing
| You can ask us to suspend the processing in certain circumstances (e.g. if you want to establish the accuracy of your Personal Data). Personal Data will solely be used for the purpose of potential establishment, exercise or defense of legal claims or based on your consent. |
Right to data portability | You have the right to receive the Personal Data, which you provided us, in a structured, commonly used and machine-readable format and have the right to transmit this data to another controller, if the processing is based on consent or contract and the processing is based by automated means. |
Right to object | You have the right to object to the processing if the processing is based on legitimate interest. We will stop such processing unless we have compelling legitimate grounds for further processing, which overrides your interests, or we need processing for the purpose of establishment, exercise or defense of legal claims. For processing of Personal Data for direct marketing purposes, you can object directly within such marketing communication, as explained above. |
Right to automated individual decision making, including profiling. | You have the right not to be subject to automated individual decision making, including profiling, which produces legal effects concerning you or significantly affecting you. This does not apply if the decision is necessary for entering, or performance of, a contract between you and us. |
Right to withdraw consent | Where processing is based on consent, you have the right, at any time, to withdraw the consent. |
Right to lodge complaint to supervisory authority | You have the right to lodge a complaint with the applicable supervisory authority, if you believe processing of your Personal Data is not compliant with Data Protection Laws. - European Union: If you are a resident of European Union or onboarded to Qovex Europe SA., you can lodge your complaint to Luxembourg data protection authority (Commission nationale pour la protection des données, Tel: 00352 26 10 60 1 or at www.cnpd.public.lu), which we consider as lead supervisory authority or to any other national authority in the field of data protection. If you use the services provided by Qovex, finančne storitve, d.o.o., you can lodge complaint to Information Commissionaire of Republic of Slovenia (https://www.ip-rs.si/), which Qovex, finančne storitve, d.o.o. consideres as lead supervisory authority or to any other national authority in the field of data protection. - : If you are a resident of the or onboarded to Qovex UK Limited, you can lodge your complaint to the UK’s Information Commissioner’s Office, Tel: 0044 1625 545 700 or at www.ico.org.uk - British Virgin Islands: If you are onboarded to Qovex Global Limited, you can lodge your complaint to the BVI Information Commissioner (+1(284) 468-3701 [email protected] ) |
How is your Personal Data secured?
We use a variety of security measures to ensure the confidentiality of your Personal Data, and to protect your Personal Data from (a) loss, (b) theft, (c) unauthorized access, processing alteration or destruction, (d) misuse or (e) other similar risks.
Our information security framework is based on recognized international security standards and is independently audited for compliance and effectiveness. We are committed to constantly improving our practices to ensure your Personal Data is safe, considering new legal and technical developments.
All financially sensitive and/or credit information is transmitted via SSL technology and encrypted in our database. Only authorized Qovex personnel are permitted access to your Personal Data, and these personnel are required to treat your Personal Data as highly confidential.
We do not ask for financial or payment information, such as your credit card number, passcode, account number or PIN number, in an e-mail, text or any other form of communication that we use to contact you. Please always check that any website on which you are asked for financial or payment information in relation to our services is operated by Qovex. If you do receive a suspicious request, do not provide your information and report it by contacting one of our Service representatives as set in this Privacy Policy.
You are responsible for keeping your Account passcode, membership numbers and PIN numbers safe and secure. Do not share those with anyone. If there is an unauthorized use or any other breach of security involving your information, you must notify us as soon as possible (see the Contact Us section below).
How long will we keep your Personal Data?
Qovex Companies have adopted a Retention Policy, which defines retention periods and conditions when Personal Data of our Users will be deleted, considering:
the account status (active/terminated/closed),
account activity (transactions),
obligations defined by applicable legal requirements (including, but not limited to AML/KYC regulation),
potential or an existing case, which requires us to establish, exercise or defend legal claims,
any other circumstances that may arise.
We will keep all your Personal Data while your account is active (open) or until the purpose for which it was collected was fulfilled and for a period of at least 5 years after your Account has been closed/terminated. This period can be prolonged for an additional 5 years or longer, considering applicable AML /KYC requirements.
General Information
This Policy is published on our website and accessible at any time and is valid from the date above. The Policy may be updated at our sole discretion and any changes will be published on our website or communicated with you through similar means.
Appendix A: Residents of the State of California (USA)
In this section, we provide additional information to California residents about how we handle their Personal Data, as required under California privacy laws, including the California Consumer Privacy Act ("CCPA"). This section does not address or apply to our handling of publicly available information lawfully made available by state or federal government records or other personal information that is exempt under the CCPA.
A. Categories of Personal Information Under the CCPA
While our collection, use and disclosure of Personal Data varies based upon our relationship and interactions with you, in this section we describe, generally, how we have collected and disclosed personal information about consumers in the prior 12 months.
Sources of Personal Information. As further described in the Personal Data We Collect section above, we may collect Personal Data from the following sources:
directly from the individual
advertising networks
data analytics providers
social networks
internet service providers
operating systems and platforms
government entities
business customers/clients
Categories of Personal Data Collected and Disclosed. In the table below, we identify the categories of Personal Data (defined as "personal information" under the CCPA) we have collected and disclosed for a business purpose, as defined by the CCPA, as well as the categories of third parties to whom we may disclose such Personal Data. For more information about the business and commercial purposes for which we may disclose, as defined by the CCPA, Personal Data, please see the How we collect and process your Personal Data and Disclosing and To who we may disclose your Personal Data sections above.
Categories of Personal Data | Description | Do We Disclose for a Business Purpose? | Do We Sell? | Categories of Third Parties to Whom Personal Data is Sold or Disclosed |
Identifiers | Includes direct identifiers, such as name, alias, user ID, username, account number or unique personal identifier; e-mail address, phone number, address and other contact information; IP address and other similar identifiers. | Yes | No |
|
Usage Data | Includes browsing history, clickstream data, search history, access logs and other usage data and information regarding an individual's interaction with our websites, and our marketing e-mails and online ads. | Yes | No |
|
Customer Records | Includes name, account name, user ID, contact information, and financial or payment information that individuals provide us in order to purchase or obtain our products and services. | Yes | No |
|
Commercial Information | Includes records of products or services purchased, obtained, or considered, or other purchasing or use histories or tendencies. | Yes | No |
|
Inferences | Includes inferences drawn from other personal information that we collect to create a profile reflecting an individual's preferences, characteristics, predispositions, behavior, attitudes, intelligence, abilities or aptitudes. | Yes | No |
|
Audio, Video and Electronic Data | Includes audio, electronic, or similar information, such as photographs, images, and videos that you provide to us and call recordings. | Yes | No |
|
Professional Information | Includes professional and employment-related information, such as current and former employer(s) and position(s) and business contact information. | Yes | No |
|
Biometric Information | Physiological, biological or behavioral characteristics that can be used alone or in combination with each other to establish individual identity. | Yes | No |
|
Education Information | Includes professional and employment-related information. | Yes | No |
|
B. Your Consumer Rights under the CCPA
Right to Request Disclosure. You have the right to request, free of charge, that we disclose information about our collection and use of your Personal Data over the past twelve (12) months, including:
The categories of Personal Data we collect about you;
What Personal Data we collect, use, or disclose about you;
The categories of sources of the Personal Data we collect about you;
Our business or commercial purpose for collecting the Personal Data;
For each category of Personal Data, the categories of third parties with whom it was disclosed; and
The specific pieces of Personal Data we collect about you.
For more information on how to request information about our collection, use, and disclosure of your Personal Data, please see the Submitting CCPA Requests section below.
Right to Request Deletion. You have the right to request the deletion of your Personal Data that we collected. For more information on how to request deletion, please see the Submitting CCPA Requests below. Once we receive your request and verify your identity, we will review your request to see if an exception allowing us to retain the information applies. We will delete or de-identify Personal Data not subject to an applicable exception from our records and will direct our service providers to take similar action.
You do not need to create an account with us to exercise your deletion rights. We will only use Personal Data provided in a deletion request to review and comply with the request.
Right to Request Opt-Out of the Sale of Your Personal Data. The right to request to opt-out of the sale of your Personal Data is not relevant to to the fact that we do not sell the Personal Data of consumers.
Right of Non-Discrimination. You have the right to be free from discriminatory adverse treatment for exercising these rights. We will not discriminate against you for exercising any of your CCPA rights.
C. Submitting CCPA Requests
Requests to Know or Delete. To exercise your rights to know or delete, as described above, you may submit a request by contacting us through the Contact Us section below.
Verification of Requests. Only you, or an individual legally authorized to act on your behalf, may make a request to know, delete, or opt-out related to your Personal Data. To designate an authorized agent, please contact us by using the contact information in the Contact Us section below.
You may only submit a request to know twice within a 12-month period. Your request to know or delete must:
Provide sufficient information that allows us to reasonably verify you are the person about whom we collected Personal Data, or that the requestor is your authorized representative.
Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
We may request information from you to verify your identity. Additionally, we may require that authorized agents provide proof of their authorization. We cannot respond to your request or provide you with Personal Data if we are unable to verify your identity, your authority to make a request on behalf of another person, or if we cannot confirm that the Personal Data relates to you. In general, we will verify your request and your identity by matching the information you provided with the information we have in our records.
You do not need to create an account with us to submit a request to know, or to submit a request to delete your Personal Data.
We will only use Personal Data provided in the request to verify the requestor's identity or authority to make it.
Appendix B: Gramm- Leach- Bliley Act (GLBA)
The Gramm- Leach-Bliley Act (“GLBA”) requires from Qovex USA Inc. to explain their information sharing practices and to provide you with option to opt- out of certain disclosures of your Personal Data.
FACTS | WHAT DOES BITSTAMP DO WITH YOUR PERSONAL INFORMATION? |
Why? | Financial companies choose how they share your personal information. Federal law gives consumers the right to limit some but not all sharing. Federal law also requires us to tell you how we collect, share, and protect your personal information. Please read this notice carefully to understand what we do. |
What? | The types of personal information we collect and share depend on the product or service you have with us. This information can include:
When you are no longer our customer, we continue to share your information as described in this notice. |
How? | All financial companies need to share customers’ personal information to run their everyday business. In the section below, we list the reasons financial companies can share their customers’ personal information; the reasons Qovex chooses to share; and whether you can limit this sharing. |
Reasons we can share your personal information | Does Qovex share? | Can you limit this sharing? |
For our everyday business purposes — such as to process your transactions, maintain your account(s), or respond to court orders and legal investigations, or report to credit bureaus | Yes | No |
For our marketing purposes — to offer our products and services to you | Yes | No |
For joint marketing with other financial companies | No | We don’t share |
For our affiliates' everyday business purposes — information about your transactions and experiences | Yes | No |
For our affiliates' everyday business purposes — information about your creditworthiness | No | We don't share |
For our affiliates to market to you | No | We don't share |
For nonaffiliates to market to you | No | We don't share |
Questions? | Check section Qovex Companies, Contact Information and Data Protection Officer(s) of the Privacy Policy |
Who We Are | |
Who is providing this notice? | This notice is being provided on behalf of Qovex USA Inc and its affiliates. |
What We Do | |
How does Qovex protect my personal information? | To protect your personal information from unauthorized access and use, we use security measures that comply with federal law. These measures include computer safeguards and secured files and buildings. |
How does Qovex collect my personal information? | We collect your personal information, for example, when you:
We may also collect your personal information from others, such as credit bureaus, affiliates, or other companies. |
Why can't I limit all sharing? | Federal law gives you the right to limit only:
State laws and individual companies may give you additional rights to limit sharing. |
Definitions | |
Affiliates | Companies related by common ownership or control. They can be financial and nonfinancial companies. Our affiliates include, but is not limited to:
|
Nonaffiliates | Companies not related by common ownership or control. They can be financial and nonfinancial companies.
|
Joint Marketing | A formal agreement between nonaffiliated financial companies that together market financial products or services to you.
|
Other Important Information |
|
Appendix C: Definitions
- “Account” means the contractual arrangement wherein a Qovex member has accepted our Terms of Use and this Privacy Policy, and received approval to use the Qovex Services, including the purchase and sale of Virtual Assets and to perform associated Transactions.
- “Qovex Services & Products” or any variation means the services and products as set out in our Terms of Use.
- “Personal Data” means information that identifies an individual or from which an individual may be identified, or other information defined as "personal information," "personal data," or "personally identifiable information" under Personal Data Laws. Personal Data does not include anonymized, de-identified and/or aggregated data that does not identify a specific user.
- “Personal Data Laws” means any applicable data protection laws, including but not limited to EU General Data Protection Regulation 2016/679, UK General Data Protection Regulation, and the British Virgin Islands Data Protection Act, 2021, Federal and State laws in United States and its successors and subsidiary legislation, and other applicable data protection laws.
- “Processing” means the carrying out of any operation or set of operations in relation to Personal Data, including collecting, using, disclosing, recording, holding, organizing, adapting, altering, retrieving, combining, transmitting, transferring, erasing or destroying personal data, and “process” and “processed” and “process” and “processed” will be construed accordingly.